//package com.screen.screendisplay.config;
//
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.core.userdetails.User;
//import org.springframework.security.core.userdetails.UserDetails;
//import org.springframework.security.core.userdetails.UserDetailsService;
//import org.springframework.security.crypto.password.NoOpPasswordEncoder;
//import org.springframework.security.crypto.password.PasswordEncoder;
//import org.springframework.security.provisioning.InMemoryUserDetailsManager;
//import org.springframework.security.web.SecurityFilterChain;
//import org.springframework.web.cors.CorsConfiguration;
//import org.springframework.web.cors.CorsConfigurationSource;
//import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
//
//import java.util.Arrays;
//import java.util.List;
//
///**
// * Description: 配置类
// * @author dongixaoxu
// * @since 2025年8月1日
// */
//@Configuration
//@EnableWebSecurity
//public class SecurityConfig {
//    // Knife4j 相关路径
//    private static final String[] KNIFE4J_PATHS = {
//            "/doc.html",
//            "/webjars/**",
//            "/v3/api-docs/**",
//            "/swagger-resources",
//            "/swagger-resources/**",
//            "/favicon.ico"
//    };
//
//    @Bean
//    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
////        http
////                .authorizeHttpRequests(auth -> auth
////                        .requestMatchers(KNIFE4J_PATHS).authenticated()  // 需要认证
////                        .anyRequest().permitAll()  // 其他接口可自由访问
////                )
////                .httpBasic(basic -> basic.realmName("Knife4j API Docs"))  // 启用基础认证
////                .formLogin(form -> form.disable())  // 禁用表单登录
////                .csrf(csrf -> csrf.disable());  // 开发环境禁用CSRF
////
////        return http.build();
//
//        http
//                // 其他安全配置...
//                .cors(cors -> cors.configurationSource(corsConfigurationSource())) // 关键：启用CORS并使用配置
//                .csrf(csrf -> csrf.disable()) // 根据情况决定是否禁用CSRF
//                ;
//
//        return http.build();
//    }
//
//    @Bean
//    public CorsConfigurationSource corsConfigurationSource() {
//        CorsConfiguration configuration = new CorsConfiguration();
//        // 允许任何Origin（域）
//        configuration.setAllowedOriginPatterns(Arrays.asList("*"));
//        // 允许所有方法（GET、POST等）
//        configuration.setAllowedMethods(Arrays.asList("*"));
//        // 允许所有头信息
//        configuration.setAllowedHeaders(Arrays.asList("*"));
//        // 允许发送Cookie
//        configuration.setAllowCredentials(true);
//
//        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
//        // 对所有路径应用CORS配置
//        source.registerCorsConfiguration("/**", configuration);
//        return source;
//    }
//
//    @Bean
//    public UserDetailsService userDetailsService() {
//        UserDetails user = User.withDefaultPasswordEncoder()
//                .username("admin")  // 文档访问用户名
//                .password("123456")  // 文档访问密码
//                .roles("DOCS")      // 角色
//                .build();
//        return new InMemoryUserDetailsManager(user);
//    }
//
//    @Bean
//    public PasswordEncoder passwordEncoder() {
//        return NoOpPasswordEncoder.getInstance();
//    }
//
//
//}
